Latest Leak: NSA Can Spy On Almost Anything, Gets To Set Its Own Filters

from the and-another-shoe-drops dept

And, here we go again. This time, it's the WSJ journal with the scoop on NSA surveillance, and how the defenders of the NSA have been lying to us. Despite claims that the NSA was really only focused on foreign communications, the WSJ is reporting that it actually covers 75% of US internet traffic:

The National Security Agency—which possesses only limited legal authority to spy on U.S. citizens—has built a surveillance network that covers more Americans' Internet communications than officials have publicly disclosed, current and former officials say.

The system has the capacity to reach roughly 75% of all U.S. Internet traffic in the hunt for foreign intelligence, including a wide array of communications by foreigners and Americans. In some cases, it retains the written content of emails sent between citizens within the U.S. and also filters domestic phone calls made with Internet technology, these people say.

Basically, they're just revealing more details about the things that whistleblower Mark Klein revealed years ago: that the NSA has deals with the major telcos which scoop up a huge amount of internet traffic.

The programs, code-named Blarney, Fairview, Oakstar, Lithium and Stormbrew, among others, filter and gather information at major telecommunications companies. Blarney, for instance, was established with AT&T Inc., former officials say. AT&T declined to comment.

This filtering takes place at more than a dozen locations at major Internet junctions in the U.S., officials say.

The WSJ report is wrong on one account, though. It claims that people believed that the NSA's filtering actually happened "where undersea or other foreign cables enter the country" but that's not true. Mark Klein made it clear that the NSA had machines directly on AT&T's property.

And, of course, it will come as no surprise that these programs that work directly with telcos to tap into full internet traffic aren't just about metadata:

...this set of programs shows the NSA has the capability to track almost anything that happens online, so long as it is covered by a broad court order.

[....] Inevitably, officials say, some U.S. Internet communications are scanned and intercepted, including both "metadata" about communications, such as the "to" and "from" lines in an email, and the contents of the communications themselves.

This also shouldn't be a surprise. For all the talk of "metadata" it was always clear that the surveillance defenders were talking about this program only, which was the Patriot Act Section 215 "business records" program. But other programs, such as these listed above, were clearly about actual content as well.

While the report does note that some "minimization" happens, there is clearly widespread ability to abuse. The system works by having the NSA telling the telcos to only send over certain traffic covering "certain areas of interest" which the NSA then "briefly copies" and decides what to keep and what to dump. Again, this is consistent with earlier reports of the NSA searching all emails that go into and out of the US.

The latest report is, again, replete with NSA doublespeak. It claims that it's not "accessing" all of this traffic, because it asks the telcos to do some of the filtering for it. That's how it gets away with talking about "things we actually touch," even though its deals with the telcos basically mean they can access almost everything.

The WSJ further reports that, while most of the requests are targeted towards foreign communications, there are times when it's quite clear that requests are likely to cover domestic communications. Some telcos apparently push back, causing "friction", while others seem to comply with no qualms, though there is no indication of which telcos fall into which camp.

The report further confirms that this program is considered "legal" by the administration thanks to a broad interpretation of the FISA Amendments Act, giving the NSA the power to snoop on people "reasonably believed" to be outside the US, rather than requiring "probable cause" that they were "an agent of a foreign power." Also, there's this:

NSA has discretion on setting its filters, and the system relies significantly on self-policing. This can result in improper collection that continues for years.

The report also claims that it was one of these "mistakes" that resulted in three years of illegal collections (much greater than the "few months" that were revealed in last week's Washington Post article).

And now we wait for another bunch of carefully worded statements from NSA defenders...

Re: Re:

We need domestic spying, that creepy guy down the street is planning to rape your wife, daughter, son and the family dog.
The world is full of sickos and the only way to stop them is by spying on everyone.
If you are against this spying you must be a pedofile terrorist.

Re:

You might have missed it, but there has indeed been someone trying to defend the NSA's/government's actions in the comments sections in just that fashion, talking about the big bad boogiemen that will 'skewer' people, and 'roast them over fires' and similarly childish things.

It's almost funny in a way how completely inept it is, and the assumption that everyone else is as gullible and easily scared as they are.

'The enemies of the free world are militant and ruthless. They will stop at nothing to skewer you and me, roast us up over a fire and throw some livers on the bbq.'

That's the latest scare-mongering attempt from that AC, I'd have to do a little digging to find the other one I responded to, but it was equally as childish, and like his/her other comments follows the same theme of 'The big bad monsters are going to get you, but don't worry, the government will protect you, as long as you do as you're told and don't question them'.

Re: Re:

You make a good point.
Bizarrely it's the other way around. Every time the mass surveillance fails to prevent a terrorist attack, there will always be cries for pumping more resources into the very programs that just failed to achieve the designed result. Thus the path to more money and power for the government departments and the corporations that benefit from these programs, is to not succeed in stopping 100% of terror attacks. A successful attack every once in a while will thus yield a large influx of cash.

I think we all suspect that the NSA has been playing "Hide the Content" since these leaks began. They're collecting it, they don't want to admit it, and they're against transparency because they know what it will uncover.

Well, it has been mentioned over and over that we haven't heard all of it or the least of it. Somehow I still believe the rabbit hole is much, much, deeper.

This pretty much seals up the claims we've been hearing about oversight, authority, and what is or is not done. Even though this is highly unlikely to be the worst of the worst on it's capabilities and it's practices, by itself this is enough. It's enough to stick a fork in and call it done.

This release is from WSJ. Greenwald has yet to respond to the latest oneupmanship that was played out in the UK yesterday. Somehow, the shoe that falls will undoubtedly reveal more damaging news but this one hits fairly hard already.

Just like there is no accountability unless the NSA chooses to reveal it voluntarily, it also looks with this new release that it can pick and choose it's requirements with no one looking over it's shoulder.

Given how much we've been lied to already, there is nothing left to suspect but the public trust continue in freefall given that none of the officials want to be truthful and up front.

Re:

Personally I'm waiting for when we find out they automatically build profiles on everyone, including Americans, to make it easier to see what data belongs to who when they want to look something up. When you're collecting large amounts of data, it's kind of the next logical step to sort it.

Someone talking about blowing up something and context isn't clear? Check and see what else they do online. Buy a bunch of movie tickets online? Play a bunch of videogames? Casually argue about the politics of the war on terror? Likely a false positive. Go on about conspiracy theories, call for direct action against the government, and buy a pressure cooker on amazon? Time for the men in black SUVs to pay you a visit.

Talk about buying drugs? Been browsing online pharmacies? Likely just someone looking to lower their Rx costs. Talk about buying drugs, and have no indications that you're talking about prescriptions? Time for some tracking, after all, drug money can fund terrorists. Etc.

Huge NSA fan

Let's give them something to work with.
Sarin, or GB, is an organophosphorus compound with the formula [(CH3)2CHO]CH3P(O)F. It is a colorless, odorless liquid,[4] used as a chemical weapon owing to its extreme potency as

I can tell you with 99% certainty. If you're a law-abiding US citizen using encryption software for domestic text messaging, the NSA will take notice and send a web browser spyware update to your cell phone.

Re:

I'm pretty seriously sure all of our cell phones ALREADY have carrier-installed spyware that gathers everything we do with them for the NSA repositories. I've actually been suspecting it since the CarrierIQ debacle. That thing was ugly and a PITA, and, if done better, we'd never have known.

Re: Re:

Check out Sprint's Mobile ID and Sprint Connection Manager. Verizon's, too. Can't remove them, they re-enable from network periodically, Connection Manager passively scans WiFi IDs stores, and transmits that information, and you cannot clear that data. You also cannot opt-out of Mobile ID's User Agreement, which gives Sprint permission to store and sell ALL voice and data from your phone: there is no "No" option, only "Yes" and you cannot get past it to use your phone without knowing how, plus considerable PITA steps.

Keep 'em coming Guardian, WP, WSJ!

Keep waving that big red flag in front of the angry bull (American public), more and more people will get more and more pissed off until eventually the bull will have had enough and will gore the living s**t out of anything that gets in its way.

I just hope I get to see it happen, after all I'm part of that bull. I'll let you speculate which part. :)

Thanks for the heads up on CarrierIQ. I ran a few detection tests from Google Play Store, and they all came back negative.

My favorite part from the CarrierIQ Wikipedia article was this.

"A request to the FBI under the Freedom of Information Act for “any manuals, documents or other written guidance used to access or analyze data gathered by programs developed or deployed by Carrier IQ” was denied, citing pending law enforcement proceeding. This has led to speculation that the FBI is using data obtained through Carrier IQ for investigations.[50]"

It was telco immunity in 2007 that did it.
Telco's no longer needed to follow the laws of Congress, they only needed NSA to say it was legal.
So telco's obeyed General Alexander and could safely ignore the laws of Congress.
First thing he did when this scandle came out was demand the same immunity for every company he had done a deal with.

A remarkable point

The government must be very angry-because it's pretty apparent that there's not just one single source of reporting on this stuff anymore.

The WSJ is known as the paper of the people who actually have the power over this country-Wall St and friends. When they start covering this kind of news, you know there's something bad going on. They're not ignoring it any more.

Everyone's getting into the game, and having a field day (although I do wish the WSJ would release this kind of reporting out from their paywall.)letting them know it.

Yes, indeed-when you attack one source of the information, it would seem the rest of the entities who can get involved do jump into the fray.

Why don't AT&T, Verizon and other phone services advertise their link to the NSA by plastering their insignia all over their commercials and directly on their products' packaging and brochures? "Your calls will be monitored 24/7 by the NSA to protect you against data-thieves (HAH!), hackers, drug kingpins, mobsters, gangsters, pedophiles, the boogeyman, Godzilla, Mothra, bigfoot, and TERRORISTS!"

When one maniac can wipe out a city of twenty million with a microbe developed in his basement, a new approach to law enforcement becomes necessary. Every citizen of the world must be placed under surveillance. That means sky-cams at every intersection, computer-mediated analysis of every phone call, e-mail, and snail-mail, and a purely electronic economy in which every transaction is recorded and data-mined for suspicious activity.
We are close to achieving this goal. Some would say that human liberty has been compromised, but the reality is just the opposite. As surveillance expands, people become free from danger, free to walk alone at night, free to work in a safe place, and free to buy any legal product or service without the threat of fraud. One day every man and woman will quietly earn credits, purchase items for quiet homes on quiet streets, have cook-outs with neighbors and strangers alike, and sleep with doors and windows wide open. If that isn't the tranquil dream of every free civilization throughout history, what is?

Re:

Wow, IDK if you're just pulling my leg or if it's truly your ideal. Can't bring myself to trust 100% even my closest/best friend let alone some nebulous people who are doing the monitoring, cos that's one of the things required for your "ideal" to come true. That much power means great temptations to resist.

If you're true to your ideal, why don't gather others who share it and build a walled garden where you have total surveillance and 0 privacy. That way you get to live your dream.

Re: Re:

Anna Navarre is a fictional character from Deus Ex who has been mechanically augmented into a finely honed killing machine who has personally killed nearly 1,000 people. Essentially the 'catch' is that the people in the story above live quietly not because they are content but because they are in a state of constant, paralyzing fear that one day they'll step over a line they can't see and someone like Anna Navarre will show up at their quiet home, on their quiet streets, or at one of their cookouts and just kill them on the spot no questions asked.

Re: Wait a second...

Re: Re: Wait a second...

Love how fleshed out they made that world, with little tidbits like that just lying around to find.

Rather horrifying how serious people took that, though given how close it is to the rational being used by the governments today I suppose it's not too surprising that they weren't able to tell the difference between the two.

FM Hilton Remarkable point

The big money guys who run things are uncomfortable with the idea the of the NSA having on file going back a few years, all their communications. A close examination would show who has culpability in all sorts of potential crimes, should they be looked at.

When you know where the bodies are buried, or have a "map" and how deep, you have power.

Dear WSJ

While I understand your need to gather funds to continue operation, putting a story like this behind your (somewhat porous) paywall is foolish. These stories need to be in the open and freely accessible. The end result will be lost subscribers and the stories being given to other outlets. Besides, there are many other sources, such as Techdirt, that make them available at no charge. Not too bright!

Flood them

Imagine what would happen if every email sent contained a line or two with the words that activate the NSA filters to intercept an email. 100 million emails a day with those lines written in Arabic would bring down any computer system and have the monitoring staff pulling their hair out.
In reality all NSA is achieving is creating a market for terrorists to use heavier encryption of find alternatives.

Obvious question

WIFI INTRUDER

So tonight FB chat go's crazy as I am writing and then Bam I get a wifi intruder alert and denied access. Wrote down the IP and MAC Address, thankfully right before the computer shut down (unplugged) and our wireless was gone! So did not get to save the screenshot. But had the info still. The Ip came up as 192.168.1.113 and Mac was 00:1E:4C:05:46:4E. Mac belonging to Company- Hon Hai Precision Ind.Co., Ltd. I have read NSA is Paying the tech companies to get your information. This is a tech company. We also do have AT&T. Anyone else having this issue? I had to go into our computer to reset everything! unplugging and resetting did not work.